From 1d226d9aaf67bd02fe6c4174e39254e5027fb24b Mon Sep 17 00:00:00 2001 From: LeonG11 Date: Tue, 23 Jun 2026 14:09:32 +0300 Subject: [PATCH] feat: add API getallorders and getorder by id --- backend/handlers/order_handler.go | 26 ++++++++++++++++++++++++++ backend/main.go | 2 ++ backend/middleware/auth.go | 1 - 3 files changed, 28 insertions(+), 1 deletion(-) diff --git a/backend/handlers/order_handler.go b/backend/handlers/order_handler.go index 59f7871..5ec6c9f 100644 --- a/backend/handlers/order_handler.go +++ b/backend/handlers/order_handler.go @@ -95,3 +95,29 @@ func GetUserOrders(c *gin.Context) { c.JSON(http.StatusOK, orders) } + +func GetOrder(c *gin.Context) { + userID := getUserID(c) + + orderID := c.Param("id") + + var order models.Order + + if err := database.DB.Preload("Items.Item").Where("id = ? AND user_id = ? ", orderID, userID).First(&order).Error; err != nil { + c.JSON(http.StatusNotFound, gin.H{"error": "Заказ не найден"}) + return + } + + c.JSON(http.StatusOK, order) +} + +func GetAllOrders(c *gin.Context) { + var orders models.Order + + if err := database.DB.Preload("Items.Item").Find(&orders).Error; err != nil { + c.JSON(http.StatusInternalServerError, gin.H{"error": "Не удалось вывести заказы"}) + return + } + + c.JSON(http.StatusOK, orders) +} diff --git a/backend/main.go b/backend/main.go index 1824c43..b492f14 100644 --- a/backend/main.go +++ b/backend/main.go @@ -54,12 +54,14 @@ func main() { protected.DELETE("/cart/:id", handlers.RemoveFromCart) protected.POST("/orders/", handlers.CreateOrder) protected.GET("/orders", handlers.GetUserOrders) + protected.GET("/orders/:id", handlers.GetOrder) } admin := protected.Group("/") admin.Use(middleware.AdminOnly()) { admin.POST("/register", handlers.Register) + admin.GET("/admin/orders", handlers.GetAllOrders) } } diff --git a/backend/middleware/auth.go b/backend/middleware/auth.go index 4009ce9..1399b47 100644 --- a/backend/middleware/auth.go +++ b/backend/middleware/auth.go @@ -52,7 +52,6 @@ func AuthRequired() gin.HandlerFunc { func AdminOnly() gin.HandlerFunc { return func(c *gin.Context) { role, exists := c.Get("role") - if !exists || role != "Админ" { c.JSON(http.StatusForbidden, gin.H{"error": "Доступ ограничен"}) c.Abort()